Email Verification Flow
The workflow should look like this:
- User click on a verify email button in frontend app, which will send GET request to the email verification endpoint,
/users/verify_emailby default. - Api server will then send an email verification link to the user via email. You should provide site in your frontend application (configured by AuthEndpointsOptions.EmailConfirmationUrl).
- User click on the link and will get redirected to email verification page (in frontend app).
- Frontend app will then send a POST request to the confirm email verification endpoint,
/users/verify_email_confirmby default. - Api server will respond with
Status204NoContentif succeeded.
Configuring options
var builder = builder.Services.AddAuthEndpointsCore<IdentityUser>(options =>
{
// will be sent to the user via email.
options.EmailConfirmationUrl = "https://myfrontend.com/account/verify-email-confirm/{uid}/{token}"
// Make sure email options are properly setup.
options.EmailOptions = new EmailOptions()
{
Host = "smtp.gmail.com",
From = Environment.GetEnvironmentVariable("GOOGLE_MAIL_APP_USER")!,
Port = 587,
User = Environment.GetEnvironmentVariable("GOOGLE_MAIL_APP_USER")!,
Password = Environment.GetEnvironmentVariable("GOOGLE_MAIL_APP_PASSWORD")!,
};
});
Checkout how to configure email options
Endpoints
User Verify Email
Use this endpoint to send email verification link via email. You should provide site in your frontend application (configured by AuthEndpointsOptions.EmailConfirmationUrl) which will send POST request to verify email confirmation endpoint.
Default URL: /users/verify_email
Authorizations : (Jwt)
| Method | Request | Response |
|---|---|---|
| GET | - | HTTP_204_NO_CONTENT, HTTP_401_UNAUTHORIZED |
User Verify Email Confirmation
Use this endpoint to finish email verification process.
Default URL: /users/verify_email_confirm
Authorizations : (Jwt or None)
| Method | Request | Response |
|---|---|---|
| POST |
|
HTTP_204_NO_CONTENT, HTTP_400_BAD_REQUEST, HTTP_401_UNAUTHORIZED, HTTP_409_CONFLICT |